Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Parse Dashboard Login Panel - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#panel#parse#exposure
Description

What is the "Parse Dashboard Login Panel - Detect?"

The "Parse Dashboard Login Panel - Detect" module is designed to detect the presence of the Parse Dashboard login panel. The Parse Dashboard is a web-based tool that allows developers to manage their Parse Server applications. This module specifically targets the login panel of the Parse Dashboard.

The severity of this module is classified as informative, meaning it provides information about the presence of the login panel but does not indicate any specific vulnerability or misconfiguration.

This module was authored by tess.

Impact

The impact of detecting the Parse Dashboard login panel is primarily informational. It indicates that the Parse Dashboard is accessible and potentially in use for managing Parse Server applications.

How does the module work?

The module works by sending an HTTP GET request to the "/login" path of the target website. It then applies two matching conditions to determine if the Parse Dashboard login panel is present:

- The first matching condition checks the response body for the presence of the phrases "Parse Dashboard" and "PARSE_DASHBOARD_PATH". - The second matching condition checks if the response status code is 200, indicating a successful request.

If both matching conditions are met, the module reports the detection of the Parse Dashboard login panel.

Example HTTP request:

GET /login

The module does not perform any further actions or exploit any vulnerabilities. It simply provides information about the presence of the Parse Dashboard login panel.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/login
Matching conditions
word: Parse Dashboard, PARSE_DASHBOARD_PATHand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability